unofficial mirror of guix-patches@gnu.org 
* [bug#63637] [PATCH] gnu: tpm2-tools: New variable
@ 2023-05-22  6:27 Felix Lechner via Guix-patches via
  2023-05-22 14:46 ` [bug#63637] For boot-time signature checks (aka "secure boot") Felix Lechner via Guix-patches via
  2023-07-01 11:15 ` [bug#63637] [PATCH] gnu: tpm2-tools: New variable Nicolas Goaziou
  0 siblings, 2 replies; 3+ messages in thread
From: Felix Lechner via Guix-patches via @ 2023-05-22  6:27 UTC (permalink / raw)
  To: 63637; +Cc: Felix Lechner

* gnu/packages/hardware.scm (tpm-tools): New variable.
---
 gnu/packages/hardware.scm | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm
index c23299d1db..f20657cdef 100644
--- a/gnu/packages/hardware.scm
+++ b/gnu/packages/hardware.scm
@@ -61,6 +61,7 @@ (define-module (gnu packages hardware)
   #:use-module (gnu packages gnome)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages guile)
+  #:use-module (gnu packages haskell-xyz)
   #:use-module (gnu packages high-availability)
   #:use-module (gnu packages libusb)
   #:use-module (gnu packages linux)
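Review bot: the new `#:use-module (gnu packages haskell-xyz)` import is there only to reach `pandoc` for man-page generation, and nothing in the hunk says so; a one-line comment next to the import (or next to `pandoc` in the inputs list) would stop a later cleanup from dropping it as unused and would flag that this small C package now carries the Haskell toolchain in its build closure. Worth checking whether the release tarball already ships rendered man pages, in which case both the import and `pandoc` can go.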
@@ -1313,6 +1314,36 @@ (define-public tpm2-tss
 and libtss2-tcti-mssim.")
     (license license:bsd-2)))
 
+(define-public tpm2-tools
+  (package
+    (name "tpm2-tools")
+    (version "5.5")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://github.com/tpm2-software/tpm2-tools/"
+                           "releases/download/" version "/"
+                           "tpm2-tools-" version ".tar.gz"))
+       (sha256
+        (base32 "08y16q92dh7frsyw0zlm3q9gsfqyls0li248s2pgsysk633lknqz"))))
+    (build-system gnu-build-system)
+    (native-inputs (list autoconf
+                         automake
+                         curl
+                         libtool
+                         gnu-gettext
+                         openssl
+                         pandoc
+                         pkg-config
+                         tpm2-tss))
+    (home-page "https://github.com/tpm2-software/tpm2-tools")
+    (synopsis "Tools for the Trusted Platform Module (TPM 2.0)")
+    (description
+     "User tools for the Trusted Computing Group's (TCG) TPM2 Software Stack
+(TSS).  These programs hepl with common tasks such as key management,
+attestation, encryption, and signing.")
+    (license license:bsd-3)))
+
 (define-public libcpuid
   ;; We need to remove blobs from the source, first we have to isolate the blob
   ;; source in build system.
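Review bot: `tpm2-tss`, `openssl` and `curl` are libraries the tools link against, so they belong in `inputs`, not `native-inputs`; native inputs are built for the build machine only, which breaks cross-compilation for this package. Only the build-time tools (`autoconf`, `automake`, `libtool`, `gnu-gettext`, `pandoc`, `pkg-config`) should stay in `native-inputs`, and the first three are needed only if the build regenerates `configure` rather than using the one in the release tarball. Two smaller points in the same hunk: the commit message names the variable `tpm-tools` while the definition is `tpm2-tools`, and the description has "hepl" for "help" and should read as a complete sentence ("This package provides user tools for ...").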

base-commit: 849286ba66c96534bddc04df1a47d5692cbc977e
-- 
2.40.1


* [bug#63637] For boot-time signature checks (aka "secure boot")
  2023-05-22  6:27 [bug#63637] [PATCH] gnu: tpm2-tools: New variable Felix Lechner via Guix-patches via
@ 2023-05-22 14:46 ` Felix Lechner via Guix-patches via
  2023-07-01 11:15 ` [bug#63637] [PATCH] gnu: tpm2-tools: New variable Nicolas Goaziou
  1 sibling, 0 replies; 3+ messages in thread
From: Felix Lechner via Guix-patches via @ 2023-05-22 14:46 UTC (permalink / raw)
  To: 63637

Hi,

I should have mentioned that the programs can help analyze the TPM 2.0
event log that shows the hashes of so-called Option ROMs. After the
Microblows keys are removed, such embedded firmwares (including,
possibly, on video cards) will only run after their hashes have been
enrolled. Not doing so can soft-brick a device.

Kind regards
Felix

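A worked illustration of the event-log analysis Felix describes, added here as an example and not code from the patch or from tpm2-tools: a parser for the crypto-agile (TCG 2.0) TPM event log that the kernel exposes at /sys/kernel/security/tpm0/binary_bios_measurements. It lists the EV_EFI_BOOT_SERVICES_DRIVER measurements (Option ROM and other UEFI driver images, normally extended into PCR 2), whose digests are what one would enrol in db, and it replays the whole log against PCR values so that a tampered or truncated log is noticed before any digest from it is trusted. The sample log is constructed inside the code; on real hardware `tpm2_eventlog` and `tpm2_pcrread sha256:2` from tpm2-tools give the same two views. The comment that the logged digest for a PE/COFF image is its Authenticode hash follows the TCG PC Client Platform Firmware Profile; the constants and event layout are the ones from that specification.

```python
#!/usr/bin/env python3
# Added example (not part of the patch or of tpm2-tools): parse a crypto-agile
# TPM 2.0 event log, list the measured Option ROM / UEFI driver images, and
# replay the log against PCR values before trusting any digest taken from it.
import hashlib
import struct
import sys

EV_NO_ACTION = 0x00000003
EV_SEPARATOR = 0x00000004
EV_EFI_BOOT_SERVICES_APPLICATION = 0x80000002   # shim, bootloaders, ...
EV_EFI_BOOT_SERVICES_DRIVER = 0x80000003        # Option ROMs / DXE drivers

TPM_ALG_SHA256 = 0x000B
ALG_NAMES = {0x0004: "sha1", TPM_ALG_SHA256: "sha256", 0x000C: "sha384", 0x000D: "sha512"}
SPEC_ID_SIGNATURE = b"Spec ID Event03\x00"
DEFAULT_LOG = "/sys/kernel/security/tpm0/binary_bios_measurements"


def parse_event_log(data):
    """Return (digest_sizes, events) for a TCG 2.0 (crypto-agile) log.
    events: list of dicts with pcr, type, digests {alg name: bytes}, data."""
    _pcr, etype = struct.unpack_from("<II", data, 0)
    (event_size,) = struct.unpack_from("<I", data, 28)   # after the 20-byte SHA-1 field
    header, off = data[32:32 + event_size], 32 + event_size
    if etype != EV_NO_ACTION or header[:16] != SPEC_ID_SIGNATURE:
        raise ValueError("not a crypto-agile TCG 2.0 event log")
    (num_algs,) = struct.unpack_from("<I", header, 24)
    digest_sizes = dict(struct.unpack_from("<HH", header, 28 + 4 * i) for i in range(num_algs))
    events = []
    while off < len(data):
        pcr, etype, count = struct.unpack_from("<III", data, off)
        off += 12
        digests = {}
        for _ in range(count):
            (alg_id,) = struct.unpack_from("<H", data, off)
            size = digest_sizes[alg_id]          # KeyError: algorithm not announced in header
            digests[ALG_NAMES.get(alg_id, hex(alg_id))] = data[off + 2:off + 2 + size]
            off += 2 + size
        (event_size,) = struct.unpack_from("<I", data, off)
        off += 4
        if off + event_size > len(data):
            raise ValueError("truncated event at offset %d" % off)
        events.append({"pcr": pcr, "type": etype, "digests": digests,
                       "data": data[off:off + event_size]})
        off += event_size
    return digest_sizes, events


def option_rom_digests(events, alg="sha256"):
    """(pcr, hex digest) for every EV_EFI_BOOT_SERVICES_DRIVER event.  For a
    PE/COFF image the PC Client profile defines this digest as the Authenticode
    hash, which is the value an EFI_CERT_SHA256 entry in db carries."""
    return [(e["pcr"], e["digests"][alg].hex()) for e in events
            if e["type"] == EV_EFI_BOOT_SERVICES_DRIVER and alg in e["digests"]]


def replay_pcrs(events, alg="sha256"):
    """Recompute PCR values from the log: PCR = H(PCR || digest), starting at zero."""
    size = hashlib.new(alg).digest_size
    pcrs = {}
    for e in events:
        if e["type"] == EV_NO_ACTION or alg not in e["digests"]:
            continue                  # EV_NO_ACTION entries are logged but never extended
        cur = pcrs.get(e["pcr"], bytes(size))
        pcrs[e["pcr"]] = hashlib.new(alg, cur + e["digests"][alg]).digest()
    return pcrs


def mismatched_pcrs(events, pcr_values, alg="sha256"):
    """PCR indices whose replayed value differs from pcr_values (as read from the
    TPM with `tpm2_pcrread sha256:0,2,7`).  Non-empty means: do not trust the log."""
    replayed = replay_pcrs(events, alg)
    return sorted(i for i, v in pcr_values.items() if replayed.get(i) != v)


def build_sample_log(rom_digests):
    """Constructed sample (not captured from hardware): SHA-256-only log with the
    Spec ID header, one EV_EFI_BOOT_SERVICES_DRIVER per digest in PCR 2, a separator."""
    spec = (SPEC_ID_SIGNATURE + struct.pack("<IBBBBI", 0, 0, 2, 0, 2, 1)
            + struct.pack("<HH", TPM_ALG_SHA256, 32) + b"\x00")   # vendorInfoSize = 0
    log = struct.pack("<II", 0, EV_NO_ACTION) + bytes(20) + struct.pack("<I", len(spec)) + spec

    def event(pcr, etype, digest, payload):
        return (struct.pack("<IIIH", pcr, etype, 1, TPM_ALG_SHA256) + digest
                + struct.pack("<I", len(payload)) + payload)

    for i, digest in enumerate(rom_digests):
        # UEFI_IMAGE_LOAD_EVENT: load address, length, link-time address, device path length (0)
        log += event(2, EV_EFI_BOOT_SERVICES_DRIVER, digest,
                     struct.pack("<QQQQ", 0x7F000000 + 0x10000 * i, 0x8000, 0, 0))
    log += event(2, EV_SEPARATOR, hashlib.sha256(bytes(4)).digest(), bytes(4))
    return log


if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_LOG
    with open(path, "rb") as f:
        _, events = parse_event_log(f.read())
    for pcr, digest in option_rom_digests(events):
        print("PCR%-2d EV_EFI_BOOT_SERVICES_DRIVER %s" % (pcr, digest))
    for pcr, value in sorted(replay_pcrs(events).items()):
        print("replayed PCR%-2d %s" % (pcr, value.hex()))   # compare with tpm2_pcrread
```

Run it as root with no argument to read the live log, or pass a log file saved from another machine. The replay step is the important one: the event log is plain memory that firmware and the OS can write, so a digest is only worth enrolling when the recomputed PCR matches the value the TPM itself reports.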

* [bug#63637] [PATCH] gnu: tpm2-tools: New variable
  2023-05-22  6:27 [bug#63637] [PATCH] gnu: tpm2-tools: New variable Felix Lechner via Guix-patches via
  2023-05-22 14:46 ` [bug#63637] For boot-time signature checks (aka "secure boot") Felix Lechner via Guix-patches via
@ 2023-07-01 11:15 ` Nicolas Goaziou
  1 sibling, 0 replies; 3+ messages in thread
From: Nicolas Goaziou @ 2023-07-01 11:15 UTC (permalink / raw)
  To: 63637; +Cc: 63637-done, Felix Lechner

Hello,

Felix Lechner via Guix-patches via <guix-patches@gnu.org> writes:

> * gnu/packages/hardware.scm (tpm-tools): New variable.

Applied, with the change below. Thank you.

> +    (description
> +     "User tools for the Trusted Computing Group's (TCG) TPM2 Software Stack
> +(TSS).  These programs hepl with common tasks such as key management,
> +attestation, encryption, and signing.")

Descriptions should consist of complete sentences:

  "This package provides user tools for..."

Regards,
-- 
Nicolas Goaziou

